It’s an unfortunate reality that the construction industry is increasingly vulnerable to cybercrime threats, and with additional technology platforms constantly rolling out there are no signs of the crime slowing down. Hackers are more adept at staying on the heels of these companies than the companies are of protecting themselves and preventing future security breaches. Although cybercrime is seen within all industries in today’s age of cutting-edge technology, the risks associated with the construction industry are particularly prevalent, which is why it’s imperative that construction companies implement effective cyber security.
The construction industry lags behind others when investing in high-level security and keeping up with current threats, and hackers are well aware and take advantage. According to the JB Knowledge 2016 Construction Technology Report, firms indicate that the biggest challenges they face in adopting new technology are the lack of IT staff, inadequate budgets, and both employee and management resistance. In other words, they underestimate the likelihood of hackers’ interest and don’t invest in enough protection, which makes it easy for hackers to infiltrate their systems. Small companies are especially oblivious and assume only large corporations are targets, but they’re just as vulnerable. In fact, in 2016, hacker targeting of small businesses increased from 34 percent to 43 percent.
Due to factors like a rapidly increasing number of vendors entering the construction marketplace, high turnover, and the use of mobile offices, hackers are a pervasive threat to construction companies and the sensitive information they hold. Although it might not be obvious, the construction industry is just as reliant on technology as other industries and utilizes many tools, including onboard computers, sensors, telematics, GPS, Building Information Modeling, integrated project delivery, and a variety of others. Using this kind of technology, construction companies electronically store their employees’ and their clients’ information, including social security numbers, bank accounts for payroll, and healthcare information – all of which is worth money to hackers. Even project bids and intellectual property are at stake and can compromise a company, its vendors, employees, and clients.
Many security experts agree it’s a matter of when, not if, hackers target your company, but there’s no reason to feel powerless amid the abundance of cybercrime in the industry. To start, companies should allocate more resources toward cybercrime prevention, specifically in the areas of training, establishing IT protocols, developing response and recovery plans, and reviewing their insurance coverage.
Once these protocols and prevention efforts are in place, companies should invest in cybercrime insurance. Currently, this type of insurance is incredibly undervalued with only about one in five companies insured for cybercrime losses, yet it can help tremendously in complementing preparedness and protection against attacks and breaches. Cybercrime insurance allows companies to be proactive rather than reactive. Should your company suffer a data breach such as the one Turner Construction faced in early 2016 when an employee inadvertently emailed the names and social security numbers of current and former employees to a fraudulent email account, protocol will already be set in place to offset the damage that ensues.
Unfortunately, the breaches and risks associated with cyber security are here to stay. Reduce your company’s chance of becoming cybercrime’s next victim and ask your HUB broker about the kind of insurance protection you should invest in.